SSL / TLS and Code Signing certificates


Go to SSL Shop

SSL Server certificates

Installing an SSL Server certificate on your website allows you to enable the TLS (Transport Layer Security) protocol, the standard solution for guaranteeing security of online transactions.

With the application of TLS, two crucial security mechanisms are enabled:

  1. secure channel: all data exchanged between your website and browsers are enciphered (full session encryption), preventing eavesdropping;
  2. server authentication: the user can verify the authenticity of the website and the identity of the organization managing it.

Actalis offers all three types of SSL certificates:

  • Domain Validation SSL Certificate (DV)
  • Organization Validation SSL Certificate (OV)
  • Extended Validation SSL Certificate (EV)

Certificate attributes

  DV-class OV-class EV-class
Validation of domain control Yes Yes Yes
Validation of organization name Yes Yes
Extended validation of organization Yes
Enables server authentication Yes Yes Yes
Enables secure channel (encrypted session) Yes Yes Yes
Padlock shown in browser Yes Yes Yes
Green bar or other special UI shown in browser Yes
Organization name shown in browser Yes
Issued with SHA-256 Yes Yes Yes
Support for RSA server keys Yes Yes Yes
Support for ECC server keys on request on request on request
Validity period 1 year 1 year 1 year
Can be "Single Domain" Yes Yes Yes
Can be "SAN" (multi-domain) Yes Yes Yes
Can be "wildcard" Yes Yes

SSL Server certificates issued by Actalis are supported by all the major web browsers on all the main client platforms (desktop, tablet, smartphones, etc.). In addition, certificates can be issued very quickly, thanks to Actalis’ smooth and efficient procedures, either online at the SSL shop, or by means of a sales proposal.

SSL shop Sales Proposal

Buy whichever SSL certificate you need in just a few clicks from shop.actalis.com

Go to shop

In order to activate a DV, OV or EV SSL certificate you must first request a commercial offer using the relevant form.

Go to the form

Code Signing certificates

In addition to SSL Server certificates, Actalis also offers Code Signing certificates, suitable for signing a wide range of executable software (such as Java applets, installation packages, shared libraries, device drivers, etc.). Code signing allows end users and platforms to verify the integrity and authenticity of such files, thus protecting their PCs from malware. Actalis code signing certs are supported by all major run-time platforms (Windows, Java, etc.)

User documentation

CA and SubCA Certificates

Currently in use

Used in the past

Compliance Audit 

Tools

Self-support: how to request and install your SSL Server certificate

Win­dows/IIS

(*) This is normally not necessary, unless auto-updates are disabled on your server.

Apache

Self-support: how to request and install your Code Signing certificate

Or­a­cle Java

MS Win­dows

Ap­ple OSX

How to revoke your certificate

To request revocation of your certificate, go to https://​extwebra.​actalis.​it/​portal/​ and log in using the credentials that we sent you by email. Keep in mind that revocation is mandatory under some circumstances (please read our CPS carefully).

Problem reporting

To report problems related to SSL Server or Code Signing certificates issued by Actalis, you may:

  • send an email to cert-problem at actalis.it (we commit to timely read that mailbox during working hours only),
  • or - IN EMERGENCY ONLY - call our telephone number +39-0575-050.376 (please keep in mind that we do not provide technical support at that number: we only take charge of problems related to already issued certificates).

By "problems" we mean events or situations that - if confirmed - justify an urgent action by Actalis, such as the compromise of the owner's private key, a court order, the criminal use of the certificate (e.g. for phishing, or malware distribution), and so on. Depending on the problem severity, Actalis may decide to revoke the certificate, as provided for in the CPS.

You must provide at least the following information, when reporting a problem to Actalis, or your alert will be ignored:

  • your full name
  • your phone number
  • description of the alleged problem
  • enough information to identify the offending certificate

If the problem reporter claims to represent the certificate holder organization, he/she must prove that by answering some questions.

Warning: customer support is not provided through the phone number and the email address mentioned above. Support requests received via those channels will be ignored and will not receive an answer.

Reminder: if you are the certificate owner, you can at any time revoke your own certificate, by yourself, via the web interface at https://extwebra.actalis.it/portal/, after logging in with the credentials that have been sent to you at certificate issuance time.

  • Maximum certificate lifespan from September 1, 2020
    A major browser vendor recently announced that as of Sept. 1, 2020 it will no longer consider as valid and secure SSL certificates issued after this date with validity of more than 398 days (equal to one year + 1 month).
    For this reason, from August 3, 2020, SSL certificates issued by Actalis will have a maximum validity of one year, net of the notice period for renewal.
    Until August 3, 2020, however, SSL certificates with 24 months validity can still be purchased and activated as those activated before this date will still be considered valid until their expiry.
  • EIDAS certificates for PSD2
    The entry into force of the second European Payment Services Directive (PSD2) has triggered a revo­lution in the world of online payments. By mid-September 2019, the transactions between EU banks and third-party payment service providers (TPPs) must be secured by qualified certificates complying with the eIDAS regulation: qualified certificates for websites (QWAC) and/or qualified certificates for electronic seal (QSEalC) containing certain PSD2-related information about the Subject. If you need these certificates, please write to info@actalis.it

Supported Browsers and Platforms

Find below the platforms and browsers currently supported by Actalis SSL Server certificates (root: “Actalis Authentication Root CA”).

Desktop platforms (for PCs)

  • Windows: XP SP3 (for SSL certs only), Windows Vista, Windows 7, Windows 8 e 8.1, Windows 10
  • Apple OS X: 10.6.8 and newer
  • Linux: all main distributions (e.g. Ubuntu, Fedora, etc.)

Tablet/Smartphone platforms

  • Android 4.4.3 and newer
  • Apple iOS 7 and newer
  • Windows RT, Windows Phone v8+
  • BlackBerry OS v10
  • Chrome OS
  • Firefox OS

Desktop browsers

  • Microsoft Internet Explorer v8+ (Windows)
  • Microsoft Edge (Windows 10)
  • Mozilla Firefox v17+ for Windows, OSX, Linux
  • Google Chrome for Windows, OS X, Linux
  • Apple Safari for OS X
  • Opera for Windows, OS X, Linux, Solaris
  • Konqueror (Linux)

Mobile browsers

  • Android: native browser, Chrome, Firefox, Opera, Dolphin, …
  • iOS: Safari, Chrome, Dolphin, …
  • Windows Phone: Internet Explorer
  • BlackBerry: native browser, Opera

Browser for Java phones

  • Opera Mini

Server platforms

  • Windows Server 2008 and newer
  • Linux: all main distributions (e.g. Red Hat, CentOS, Debian, ecc.)

Java run-times

  • Oracle JRE/JDK v1.8.0_51 and newer
  • OpenJDK v1.6.0_33 (IcedTea) and newer
  • Apple Java 6 for OSX v1.6.0_65 and newer

Other run-times

  • Node.js